What is Sentinel? (Masternodes)
- Thread starter purplegreenred
- Start date
-
- Tags
- masternode sentinel
Is the above url link considered as explanation of what sentinel does or will do?
Are you kidding?
I've read that and all I gather is that what used to be in the dashd is now a separate thingy bound to dashd.
Still no idea how or why this was done, how it's helpful/better, or how MNs are being protected, or not...
Still no idea how or why this was done, how it's helpful/better, or how MNs are being protected, or not...
You said exactly what I also said, one message before.
Beware because the well known gang ( @aleix @Macrochip @tungfa @ceti ) may dumb or troll rate your message too.
Better say that everything is perfectly explained in sentinel, so that the well known gang will bomb you with like rates.
What can I say about this gang of advertisers and marketeers? Disgust..
Those are your own very specific additional questions. OP had just two very simple questions :
which is addressed in the link that tungfa provided : https://dashpay.atlassian.net/wiki/display/DOC/Sentinel
I dont mind us going into your questions more deeply, but that will mean that we divert from OP's original question(s).
Last edited:
I'm just making it known that most MNOs have absolutely no idea what they just installed, why they installed it, or what it does... And this time, not because they're stupid, but because the information available is so vague that it has no meaning.
You can read that whole thing and still not know anything more than when you started.
So, I asked some more specific questions because you seem to have missed the point...
Related post is related...
I'm just re-iterating the OP's request in another way.
Can you explain Sentinel in a way that doesn't require the listener to already know everything and have no reason to have asked in the first place?
Since there seems to be a chronic inability to "talk normal" I figured I'd guide the process with some questions instead of just leave the thread dead and useless...
It looks like the DGBB has been "popped out" of the dashd and now exists as a separate entity called every 5 minutes. So, in not nerd speak, why? Why do this? What has been gained? Why was this needed? What problem did it solve? How does this help? Why is it better this way? It seems to have done nothing more or different than the way it was 10 months ago... So, since we can't see a difference, please tell us. Is there anything new MNOs need to know regarding Server Security and PoSe score? Since this is a revamp of the governance, how do we vote now?
Followed by
This means nothing to anyone except the person who wrote it. It definitely didn't contain any layman's terms.neckbeard said:
You can read that whole thing and still not know anything more than when you started.
So, I asked some more specific questions because you seem to have missed the point...
Since it covers the same general yarn of "WTF just happened?" why not do both?
Related post is related...
I'm just re-iterating the OP's request in another way.
Can you explain Sentinel in a way that doesn't require the listener to already know everything and have no reason to have asked in the first place?
Since there seems to be a chronic inability to "talk normal" I figured I'd guide the process with some questions instead of just leave the thread dead and useless...
It looks like the DGBB has been "popped out" of the dashd and now exists as a separate entity called every 5 minutes. So, in not nerd speak, why? Why do this? What has been gained? Why was this needed? What problem did it solve? How does this help? Why is it better this way? It seems to have done nothing more or different than the way it was 10 months ago... So, since we can't see a difference, please tell us. Is there anything new MNOs need to know regarding Server Security and PoSe score? Since this is a revamp of the governance, how do we vote now?
Last edited:
Thank for the replies. I think you have hit the nail on the head, camosoul 
Nothing new seems to have been added, so why is sentinel needed?
"Sentinel is an autonomous agent for persisting, processing and automating" were things not persistent, processed or automated before?
One more question, if it is important why is it only called once every 5 minutes?
Anyway, I have had a look at the linked document from tungfa and it doesn't really tell me why.
Nothing new seems to have been added, so why is sentinel needed?
"Sentinel is an autonomous agent for persisting, processing and automating" were things not persistent, processed or automated before?
One more question, if it is important why is it only called once every 5 minutes?
Thank for the replies. I think you have hit the nail on the head, camosoul
Anyway, I have had a look at the linked document from tungfa and it doesn't really tell me why.
Nothing new seems to have been added, so why is sentinel needed?
"Sentinel is an autonomous agent for persisting, processing and automating" were things not persistent, processed or automated before?
One more question, if it is important why is it only called once every 5 minutes?
The problem my friend is not sentinel. The problem is the quality of the community, the quality of those who consist the votes of Dash.
Have a look at them.
https://www.dash.org/forum/posts/113571/ratings
The same people who irrationaly dumb rated my logical quote, the same way they voted for sentinel! No wonder why sentinel is a mess. The way they rate my quotes, the same way they vote into the budget system in favor of sentinel or in favor of any other bullshit.
The Dash community was initially occupied by a gang of irrationals, whose behavior discourages the smart and logical people to participate here and help Dash improve.
Last edited:
You seem well placed in the community you describe. No answer to the question asked, no constructive comments of any kind.
If this thread is dumb, it is so because of a lack of accessible documentation. Or maybe I have missed some important posts, in which case I would apologise for the spam/time wasting post.
I would be grateful if someone could shed more light on this issue or point me in the right direction
They just call it trolling and put you on ignore... How dare you not be a mind reader! TRIGGERED! That's just how very snowflake it is around here...Thank for the replies. I think you have hit the nail on the head, camosoul
Anyway, I have had a look at the linked document from tungfa and it doesn't really tell me why.
One more question, if it is important why is it only called once every 5 minutes?
It almost seems like a cleanup script... Which only makes us wonder more... Why did it take 10 months and nearly $1,000,000 to do it?
From a software engineering perspective it makes a lot of sense actually.
Evan said they wanted to clone the existing Governance Model through the new system. Sentinel is a result of that. If you want to expand an existing system it's a good approach to first modularize it into single components each of which are easier to work on individually.
So splitting this part from the daemon is only a first step towards the planned features we heard of in Evolution. It's classic divide and conquer.
Evan said they wanted to clone the existing Governance Model through the new system. Sentinel is a result of that. If you want to expand an existing system it's a good approach to first modularize it into single components each of which are easier to work on individually.
So splitting this part from the daemon is only a first step towards the planned features we heard of in Evolution. It's classic divide and conquer.
Let me say it like this:
Software Engineering Perspective != Layman's Terms
So.... It's a plywood toaster on wheels? Or was my guess accurate?
I did not reply to him. I replied to you, camo. You were the one that asked why it was ripped out of dashd. I think you have enough intellect to understand my explanation.
No "layman's terms" in there
It's like pulling teeth to get a straight answer, followed be being told that whoever asked is a jerk for asking... Every. Single. Time.
If the goal is to be Grandma Friendly; what would your Grandma say about acting like that?
If the goal is to be Grandma Friendly; what would your Grandma say about acting like that?
Ugh, this question is not being answered, and that link is mumbo jumbo to normal people.
Camosoul is jabbing at us, not you, just so you know, @purplegreenred He is being sarcastic
I'm gonna give this a try, but it will need correction, because like most, I don't know exactly how any of this works
The wallet is a type of node, it connects to other wallets/nodes. Sentinel is another kind of node, and it kind of runs through or connects through the wallet node. It processes information and stores it in a database. It's a more sophisticated program than the budgeting system we had before. It can handle many variables and rules on how payments are made. But this is just the beginning. It will also process other information eventually, aside from the budgeting system. It may end up handling other databases, or the core team may choose to go back to mysql for a more complex database. By modularizing Dash, the main wallet can keep in synchronicity with Bitcoin, yet have completely new functionalities. Sentinel takes these functionalities that could create complications that mess everything up if directly applied to the core wallet, and runs them separately.
OK, so what is possible with Sentinel as it is now?
Imagine a contract that pays out in Dash, but in terms of US dollars. A quorum of MNs can quorie several exchanges, find out the going price just before payment superblock, and thus we don't over pay due to long term contracts, and at the same time, we can safely make long term contracts.
I believe Sentinel will also handle the future Evolution services such as name/password => account connections and the distributed sharded storage system.
So, it is the foundation, it handles all kinds of commands and can keep track of information. We just haven't created these sub programs to do other work yet.
I hope I got it right, and I hope smarter people will correct me where I've gone wrong. But mostly, I hope I helped you get the gist of what all this is about and why it's being done this way
Camosoul is jabbing at us, not you, just so you know, @purplegreenred
He is being sarcastic I'm gonna give this a try, but it will need correction, because like most, I don't know exactly how any of this works
The wallet is a type of node, it connects to other wallets/nodes. Sentinel is another kind of node, and it kind of runs through or connects through the wallet node. It processes information and stores it in a database. It's a more sophisticated program than the budgeting system we had before. It can handle many variables and rules on how payments are made. But this is just the beginning. It will also process other information eventually, aside from the budgeting system. It may end up handling other databases, or the core team may choose to go back to mysql for a more complex database. By modularizing Dash, the main wallet can keep in synchronicity with Bitcoin, yet have completely new functionalities. Sentinel takes these functionalities that could create complications that mess everything up if directly applied to the core wallet, and runs them separately.
OK, so what is possible with Sentinel as it is now?
Imagine a contract that pays out in Dash, but in terms of US dollars. A quorum of MNs can quorie several exchanges, find out the going price just before payment superblock, and thus we don't over pay due to long term contracts, and at the same time, we can safely make long term contracts.
I believe Sentinel will also handle the future Evolution services such as name/password => account connections and the distributed sharded storage system.
So, it is the foundation, it handles all kinds of commands and can keep track of information. We just haven't created these sub programs to do other work yet.
I hope I got it right, and I hope smarter people will correct me where I've gone wrong. But mostly, I hope I helped you get the gist of what all this is about and why it's being done this way
Thank you, you get +1 internets for giving the most comprehensive answer.Ugh, this question is not being answered, and that link is mumbo jumbo to normal people.
Camosoul is jabbing at us, not you, just so you know, @purplegreenred
I'm gonna give this a try, but it will need correction, because like most, I don't know exactly how any of this works
The wallet is a type of node, it connects to other wallets/nodes. Sentinel is another kind of node, and it kind of runs through or connects through the wallet node. It processes information and stores it in a database. It's a more sophisticated program than the budgeting system we had before. It can handle many variables and rules on how payments are made. But this is just the beginning. It will also process other information eventually, aside from the budgeting system. It may end up handling other databases, or the core team may choose to go back to mysql for a more complex database. By modularizing Dash, the main wallet can keep in synchronicity with Bitcoin, yet have completely new functionalities. Sentinel takes these functionalities that could create complications that mess everything up if directly applied to the core wallet, and runs them separately.
OK, so what is possible with Sentinel as it is now?
Imagine a contract that pays out in Dash, but in terms of US dollars. A quorum of MNs can quorie several exchanges, find out the going price just before payment superblock, and thus we don't over pay due to long term contracts, and at the same time, we can safely make long term contracts.
I believe Sentinel will also handle the future Evolution services such as name/password => account connections and the distributed sharded storage system.
So, it is the foundation, it handles all kinds of commands and can keep track of information. We just haven't created these sub programs to do other work yet.
I hope I got it right, and I hope smarter people will correct me where I've gone wrong. But mostly, I hope I helped you get the gist of what all this is about and why it's being done this way
I understand the need for a system that is separate, but works with, the core program now. Thanks!
And why the governance system to be separated from the wallet? What is the reason?
The blockchain resides into the wallet node.
Why they dont want to store the votes into the blockchain?
What are the real consequences of this separation ?
Why they designed the system like that?
Is it on purpose, or maybe is it because they are just incapable to design a governance system that resides into the blockchain?
Last edited:
Basically, it allows modules that interface with dashd. It's not merely "Sentinel makes it that way" but that dashd has been re-written to interface with modules. Sentinel is just one of those modules. It kinda takes the idea of OPS (Optional Proportional Services) that I had and bends it a bit. I hope that DashDrive is a similar modular service of it's own which binds to dashd.
Sentinel is also a lot more generic and therefore extensible. Modifying it will be a lot easier in itself, above the fact that modifying it doesn't require modifying dashd.
It's not clear yet if Sentinel will be the central hub into which other things plug, or if dashd will be that central hub. I'm just looking at it from what I can see right now. That's why I have the same interest in seeing these questions answered, and they're not being answered. We get the standard arrogant nerd game of "RTFM" followed by a link to an FM that doesn't say a single word on the topic...
It opens up security questions for me. Since MNOs have been thus far encouraged to make no effort to secure their machines... How will this open up the possibility for corrupting and replacing data? So far, MNOs have been insulated from the only real risk they faced by the hot/cold wallet setup. Since virtually none of them take security seriously, or have any clue how, it means that a supermajority of MNs could be compromised in other forms of data. Heretofore that notion has been of no consequence because MNs contained no other data that could be valueable, or serve anyone's interest by damaging it. That just changed. Sure, you won't get your coins stolen, but if 70% of the newtwork can have it's budget data replaced, that false implantation becomes the consensus. Since there was no pot of gold, there wasn't much point in trying to break into MNs. So, there's been no concern to hardening them. The best an attacker could hope for is knocking them down here and there. A totally unproductive waste of time and resources. Now, competitors coins have a target worth attacking, a collective target that isn't even trying to stop them. If they can compromise 60% or more, and keep it to themselves while they develop a simple script to deploy their own budget data...
It seems like a push towards getting everyone to use Node40. Hence the longwinded effort to explain how a centralized entity doesn't actually centralize DASH at the conference in Atlanta. It's still a centralized entity...
What happens when this same thing applies to DashDrive?
Sentinel is also a lot more generic and therefore extensible. Modifying it will be a lot easier in itself, above the fact that modifying it doesn't require modifying dashd.
It's not clear yet if Sentinel will be the central hub into which other things plug, or if dashd will be that central hub. I'm just looking at it from what I can see right now. That's why I have the same interest in seeing these questions answered, and they're not being answered. We get the standard arrogant nerd game of "RTFM" followed by a link to an FM that doesn't say a single word on the topic...
It opens up security questions for me. Since MNOs have been thus far encouraged to make no effort to secure their machines... How will this open up the possibility for corrupting and replacing data? So far, MNOs have been insulated from the only real risk they faced by the hot/cold wallet setup. Since virtually none of them take security seriously, or have any clue how, it means that a supermajority of MNs could be compromised in other forms of data. Heretofore that notion has been of no consequence because MNs contained no other data that could be valueable, or serve anyone's interest by damaging it. That just changed. Sure, you won't get your coins stolen, but if 70% of the newtwork can have it's budget data replaced, that false implantation becomes the consensus. Since there was no pot of gold, there wasn't much point in trying to break into MNs. So, there's been no concern to hardening them. The best an attacker could hope for is knocking them down here and there. A totally unproductive waste of time and resources. Now, competitors coins have a target worth attacking, a collective target that isn't even trying to stop them. If they can compromise 60% or more, and keep it to themselves while they develop a simple script to deploy their own budget data...
It seems like a push towards getting everyone to use Node40. Hence the longwinded effort to explain how a centralized entity doesn't actually centralize DASH at the conference in Atlanta. It's still a centralized entity...
What happens when this same thing applies to DashDrive?
Last edited:
Specifically, what security efforts are you talking about? For example, I have iptables enabled and only allowing SSH and the Dash client for incoming connections, keep the server up to date, and use fail2ban. Plus DDOS protection from my server provider. This is a very basic list, just curious what I'm missing.
I think camosoul raises a valid point. Masternodes now with Sentinel seem very flexible and powerful. The flip side is increased attack surface.
I'm quite surprised that bigger holes hasn't been found in Bitcoin. I guess one strength is the homogeneous structure and 100% focus on trust less design. The masternodes introduce some level of trust, in exchange for flexibility. But it makes them targets.
With all new features being added in Evolution I would be even more surprised than in the Bitcoin case if no security hole was found.
I trust we have very competent developers. I'm just afraid that economically motivated hackers will succeed in the end. I hope I'm wrong!
It would be very interesting to hear what the core team thinks and what meassures are being taken. Extensive code audit or formally provable code might be two alternatives?
I'm quite surprised that bigger holes hasn't been found in Bitcoin. I guess one strength is the homogeneous structure and 100% focus on trust less design. The masternodes introduce some level of trust, in exchange for flexibility. But it makes them targets.
With all new features being added in Evolution I would be even more surprised than in the Bitcoin case if no security hole was found.
I trust we have very competent developers. I'm just afraid that economically motivated hackers will succeed in the end. I hope I'm wrong!
It would be very interesting to hear what the core team thinks and what meassures are being taken. Extensive code audit or formally provable code might be two alternatives?
I agree that there could be, as you say @marinf , a larger attack surface with sentinel. I have to understand the mechanics better to evaluate, and of course I'm a layman. But I do not agree that masternodes introduce trust into the system. Especially at the size of our network. In fact, it can easily be argued that with all the mining power in China, it's more likely they will collude and that Bitcoin has to trust them far too much to behave. With @Otoh being the largest holder of Dash, we can evaluate the "worst case scenario". I feel it is true that otoh was and still is the largest holder of Dash because Darkcoin was still pretty insignificant and most people didn't do anything like hold their coins in separate wallets in the early days. we could watch while he bought, and there were no other wallets that large in the history of Dash. Remember, the "instamine" happened with at least 25 miners mining. 1.9 million/25 = 76000 coins if distributed evenly per miner. But that's per known miner, what about all those that don't bother to talk on the forums? And so many sold their coins immediately. My only point is that I believe that we do have a healthy distribution of masternodes. otoh has sold many of his, "spreading the word" and getting business people to invest. He's been a huge asset to Dash.
It's basically impossible to get masternodes to collude to do anything. But with sentinel, I understand less. So I will hold my assertions that it's solid 100% as I digest it all. Of course nothing is 100%, but I do trust our developers, they're pretty thorough.
It's basically impossible to get masternodes to collude to do anything. But with sentinel, I understand less. So I will hold my assertions that it's solid 100% as I digest it all. Of course nothing is 100%, but I do trust our developers, they're pretty thorough.
@TanteStefana I agree that practically speaking there is no need to trust anyone in dash. As you say the system is built such that an adversary must own a ridiculous number of MNs to be able to do an attack in practice.
However, the introduction of masternodes took one step away from a completely homogeneous network. The "trust in the system" is not spread over all the nodes, but rather a subset; the masternodes. Indeed the masternodes are still great in number but there is a limit here.
There is a well defined list of IPs of all the masternodes (ignoring some very few Tor nodes). How many of them run the same Ubuntu version, possibly even set up using the same guide?
I don't want to be an alarmist, or try to spread FUD. I just want us to make sure we invest the appropriate amount of resources in security going forward. I think we should use Bitcoin as reference and really evaluate every deviation we make from it. The introduction of masternodes is surely one such deviation. I think appropriate actions have been taken (reviewd whitepaper describing security through quorums etc) but we can't consider it a solved problem. It must be taken into consideration together with all new changes, such as the increased flexibility of sentinel.
What damage could be done if arbitrary python code could be installed on say 10% of the masternodes, replacing the original sentinel?
What kind of DOS protection will DAPI have? (This may be further down the road)
I would be happy to vote for any proposal that include security audit of the code or hire of accomplished white-hat hackers that try to find ways of hacking or DOS:ing our network.
However, the introduction of masternodes took one step away from a completely homogeneous network. The "trust in the system" is not spread over all the nodes, but rather a subset; the masternodes. Indeed the masternodes are still great in number but there is a limit here.
There is a well defined list of IPs of all the masternodes (ignoring some very few Tor nodes). How many of them run the same Ubuntu version, possibly even set up using the same guide?
I don't want to be an alarmist, or try to spread FUD. I just want us to make sure we invest the appropriate amount of resources in security going forward. I think we should use Bitcoin as reference and really evaluate every deviation we make from it. The introduction of masternodes is surely one such deviation. I think appropriate actions have been taken (reviewd whitepaper describing security through quorums etc) but we can't consider it a solved problem. It must be taken into consideration together with all new changes, such as the increased flexibility of sentinel.
What damage could be done if arbitrary python code could be installed on say 10% of the masternodes, replacing the original sentinel?
What kind of DOS protection will DAPI have? (This may be further down the road)
I would be happy to vote for any proposal that include security audit of the code or hire of accomplished white-hat hackers that try to find ways of hacking or DOS:ing our network.
I think we've discussed getting a security audit, and that it would gain a lot of support. Unfortunately, I don't have the skill to evaluate these questions. Worse still, how well is the code written? Remember Ethereum had that simple mistake where people could withdraw more than they put into a system, it was a simple code mistake. Yes, we need many eyes reviewing the code, white hats as well. If black hats hit us, though, it should make us stronger. Is anyone even trying to crack Dash? I sure hope so! Better now than later!
AFAIK ethereum never had anything wrong with it, hence, ethereum classic. Someone programmed a smart contract incorrectly and people were butthurt that the algorithm was executed to the letter. But I get your point. My guess is hackers are already trying to find vulnerabilities in dash.